package top.xxyu.shiro;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;

import top.xxyu.app.pojo.CurrentUser;
/**
 * 拦截器 校验用户是否已授权 未授权返回到登录界面
 */
public class PermissionFilter extends AuthorizationFilter {

	@Override
	protected boolean isAccessAllowed(ServletRequest paramServletRequest, ServletResponse paramServletResponse,
			Object paramObject) throws Exception {
		Subject subject = getSubject(paramServletRequest, paramServletResponse);
		CurrentUser cUser = (CurrentUser) subject.getSession().getAttribute(ShiroUtil.SESSION_CURRENT_USER);
		if (null == cUser) {
			return false;
		}
		return true;
	}

	


}
